Add audit logs.
ci-cd-vm / ci-cd (push) Successful in 4m2s

Chris Chen
2026-06-23 12:13:47 -07:00
parent 870eeec82a
commit 62592c29ae
106 changed files with 2522 additions and 311 deletions
+30 -1
@@ -1,9 +1,12 @@
using System.Security.Claims;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Caching.Memory;
using ROLAC.API.Authorization;
using ROLAC.API.Data;
using ROLAC.API.DTOs.Permissions;
using ROLAC.API.Entities;
using ROLAC.API.Entities.Logging;
using ROLAC.API.Services.Logging;
namespace ROLAC.API.Services;
@@ -36,11 +39,19 @@ public class PermissionService : IPermissionService
private readonly IServiceScopeFactory _scopeFactory;
private readonly IMemoryCache _cache;
private readonly SystemLogQueue _logQueue;
private readonly IHttpContextAccessor _http;
public PermissionService(IServiceScopeFactory scopeFactory, IMemoryCache cache)
public PermissionService(
IServiceScopeFactory scopeFactory,
IMemoryCache cache,
SystemLogQueue logQueue,
IHttpContextAccessor http)
{
_scopeFactory = scopeFactory;
_cache = cache;
_logQueue = logQueue;
_http = http;
}
public async Task<bool> HasPermissionAsync(IEnumerable<string> roles, string module, string action)
@@ -174,6 +185,24 @@ public class PermissionService : IPermissionService
await db.SaveChangesAsync();
Invalidate();
// Singleton service can't use the scoped IAuditLogger — enqueue directly.
var user = _http.HttpContext?.User;
_logQueue.TryEnqueue(new AuditLog
{
Timestamp = DateTimeOffset.UtcNow,
Level = LogLevelEnum.Warning,
Action = AuditActions.PermissionChanged,
Category = AuditCategories.Security,
EntityName = "Role",
EntityId = roleName,
Summary = $"Permissions updated for role '{roleName}'",
Changes = AuditChangeSerializer.BuildChanges(null, new { Role = roleName, Modules = rows }),
UserId = user?.FindFirstValue(ClaimTypes.NameIdentifier) ?? user?.FindFirstValue("sub"),
UserEmail = user?.FindFirstValue("email"),
IpAddress = _http.HttpContext?.Connection.RemoteIpAddress?.ToString(),
CorrelationId = _http.HttpContext?.TraceIdentifier,
});
}
public void Invalidate() => _cache.Remove(CacheKey);
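Review bot: The result of `_logQueue.TryEnqueue(...)` in the last hunk is discarded, so if the queue can reject an entry (the `Try` prefix suggests it can, for example when a bounded queue is full) this Security-category record of a permission change is lost without any trace. The change itself has already been committed by `SaveChangesAsync()` at that point, so I would check the result and surface the failure, e.g. `if (!_logQueue.TryEnqueue(entry)) { /* log at error level or write the record synchronously */ }`, assuming it returns `bool`. The entry also passes `null` as the before-state to `AuditChangeSerializer.BuildChanges`, so the record shows what the role was given but not what it held before; if the previous rows are loaded earlier in the method, passing them would make the entry far more useful for later review. The enclosing method starts outside the hunk, so both points should be checked against the full body.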